CVE-2012-6129

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-6129
Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://lists.opensuse.org/opensuse-updates/2013-03/msg00064.html
http://www.openwall.com/lists/oss-security/2013/02/13/1
http://www.ubuntu.com/usn/USN-1747-1
https://bugzilla.redhat.com/show_bug.cgi?id=909934
https://trac.transmissionbt.com/changeset/13646 Exploit Patch
https://trac.transmissionbt.com/ticket/5002
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.3:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.4:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.5:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.94:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.95:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.96:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.05:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.06:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.34:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.52:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.53:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.54:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.60:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.61:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.73:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.74:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.75:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.76:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.77:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.83:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.12:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.13:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.52:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.60:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.61:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.72:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
History

No history.

Information

Published : 2013-04-03 00:55

Updated : 2013-04-03 04:00

NVD link : CVE-2012-6129

Mitre link : CVE-2012-6129

CVE.ORG link : CVE-2012-6129

JSON object : View

Products Affected

transmissionbt

  • transmission

canonical

  • ubuntu_linux

fedoraproject

  • fedora
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer